Tor-only email
�Andy Dixon
andy at ajd.me.uk
Thu May 1 09:18:17 UTC 2008
On 1 May 2008, at 10:02, Roger Dingledine wrote:
> On Thu, May 01, 2008 at 09:47:50AM +0100, ?Andy Dixon wrote:
>> If anyone is interested, I need a few people to create an account,
>> and test the pop3,imap, smtp (internal only) and webmail.
>
> Hi Andy,
>
> A word of warning: pop3 and imap tend to communicate authentication
> information in plaintext. Sending protocols like those over the open
> Internet (whether using Tor or not) is generally a very risky thing
> to do.
> Sending them over Tor may be even riskier.
>
> (There are safe ways to do it, e.g. by making sure that your Tor
> clients
> use a hidden service to transport their plaintext protocols, or making
> sure they always exit from a relay that's on the same local network as
> the destination. But you need to think carefully about these issues in
> any case.)
>
> --Roger
Hi Roger,
The services are only configured as hidden Tor services at the
moment, however I am thinking about going SSL so that email can be
accessed from a 'normal' connection..
I'm sue that most people, if they wanted such a service, would
probably prefer to use a web-based mail service purely for convenience..
Andy
More information about the tor-talk
mailing list